1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
%global _empty_manifest_terminate_build 0
Name: python-libcsce
Version: 0.1.0
Release: 1
Summary: Cobalt Strike configuration extractor and parser library and scripts.
License: Apache-2.0
URL: https://github.com/strozfriedberg/cobaltstrike-config-extractor
Source0: https://mirrors.aliyun.com/pypi/web/packages/84/32/cea16d30b5b5379a19f9fe1e1d410f32d6ac4a25872f6ab59c5570fb8bbf/libcsce-0.1.0.tar.gz
BuildArch: noarch
Requires: python3-pefile
%description
Pure Python library and set of scripts to extract and parse configurations (configs) from `Cobalt Strike Beacons <https://www.cobaltstrike.com/help-beacon>`_.
The library, ``libcsce``, contains classes for building tools to work with Beacon configs.
There are also two CLI scripts included that use the library to parse Beacon config data:
1. ``csce``: Parses all known Beacon config settings to JSON,
mimicing the `Malleable C2 profile <https://cobaltstrike.com/help-malleable-c2>`_ structure.
2. ``list-cs-settings``: Attempts to find by brute-force the associated Cobalt Strike version, and all settings/their types, of a Beacon config.
This script is useful for conducting research on Beacon samples.
%package -n python3-libcsce
Summary: Cobalt Strike configuration extractor and parser library and scripts.
Provides: python-libcsce
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: python3-pip
%description -n python3-libcsce
Pure Python library and set of scripts to extract and parse configurations (configs) from `Cobalt Strike Beacons <https://www.cobaltstrike.com/help-beacon>`_.
The library, ``libcsce``, contains classes for building tools to work with Beacon configs.
There are also two CLI scripts included that use the library to parse Beacon config data:
1. ``csce``: Parses all known Beacon config settings to JSON,
mimicing the `Malleable C2 profile <https://cobaltstrike.com/help-malleable-c2>`_ structure.
2. ``list-cs-settings``: Attempts to find by brute-force the associated Cobalt Strike version, and all settings/their types, of a Beacon config.
This script is useful for conducting research on Beacon samples.
%package help
Summary: Development documents and examples for libcsce
Provides: python3-libcsce-doc
%description help
Pure Python library and set of scripts to extract and parse configurations (configs) from `Cobalt Strike Beacons <https://www.cobaltstrike.com/help-beacon>`_.
The library, ``libcsce``, contains classes for building tools to work with Beacon configs.
There are also two CLI scripts included that use the library to parse Beacon config data:
1. ``csce``: Parses all known Beacon config settings to JSON,
mimicing the `Malleable C2 profile <https://cobaltstrike.com/help-malleable-c2>`_ structure.
2. ``list-cs-settings``: Attempts to find by brute-force the associated Cobalt Strike version, and all settings/their types, of a Beacon config.
This script is useful for conducting research on Beacon samples.
%prep
%autosetup -n libcsce-0.1.0
%build
%py3_build
%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
find usr/lib -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
find usr/lib64 -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
find usr/bin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
find usr/sbin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
find usr/share/man -type f -printf "\"/%h/%f.gz\"\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .
%files -n python3-libcsce -f filelist.lst
%dir %{python3_sitelib}/*
%files help -f doclist.lst
%{_docdir}/*
%changelog
* Tue Jun 20 2023 Python_Bot <Python_Bot@openeuler.org> - 0.1.0-1
- Package Spec generated
|
